You Had a Security Incident – Now What?
Security Incidents are Serious
If your company experiences a breach before you have an incident response plan in place, it’s already too late.
- More than 1.9 billion data records compromised worldwide in the first half of 2017.
- Just 24% of companies say they have an incident response plan in place.
- The global average cost of a data breach is $3.6 million.
If you have an incident response plan, does your company know how to enact it? Would it be effective? Don’t wait to find out.
As your partner, we’ll get you from detection through future prevention with expert incident response services designed to get companies of all industries and sizes back to business as usual.
If you believe you’ve detected a security incident, we’ll respond immediately and step in to help you handle it.
We’re already monitoring your security posture, and have an incident response plan to coordinate your response if we detect an incident.
Incident Response Begins and Ends with a Plan
Once an incident has been detected, we’ll help you determine what happened and why through a thorough analysis of the event to answer many vital questions.
- How was the attack carried out?
- Who was involved?
- What type of malware was used?
- What happened as a result of the attack?
- Is the incident still occurring?
- What type of threat are we faced with?
- What needs to be done?
A forensic analysis may be necessary depending on the type of response. This evidence-based incident response can result in terminations or lawsuits based on who was involved and how much damage was done.
Containment is two-fold.
- Minimize the overall impact of the incident, limit its capability and ensure the problem doesn’t spread.
- Coordinate with outside vendors or third parties as needed to ensure compliance with your regulatory and fiduciary obligations before going back to business as usual.
Eradication & Restoration
This step is where things get technical. To handle the existing problem and help prevent it in the future, technical controls can be put in place.
Think of it as your business continuity plan. While you’re recovering from an incident, can business keep going?
With the incident behind you, it’s time to discuss a strategy for future prevention. You may not be able to prevent another incident from occurring, but you can have a plan to adequately respond if it does.
Incident Response as a Managed Service Solution
Minimize risk and protect your organization with an incident response managed service solution from DirectDefense. Through our incident response managed service solutions, your organization can leverage our expertise and experience in intrusion detection and prevention systems. With a fully-customizable service package, you can choose the level of support that best fits your security staff’s needs and meets the operational and governance requirements of your company.